<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>注册界面</title>

<link rel="stylesheet" type="text/css" href="./css/index1.css">
<style>
body{height:100%;}
</style>
</head>
<body background="E:\wwwroot\wycto\cant\images\2.jpg"
      style=" background-repeat:no-repeat ;
	  background-size:100% 100%;
	  background-attachment: fixed;">   
<?php

///过滤字符函数
function filterInput($data) {
   $data = trim($data);//不必要的字符 (如：空格，tab，换行)。
   $data = stripslashes($data);//去除反斜杠 (\)
   $data = htmlspecialchars($data);//把一些预定义的字符转换为 HTML 实体
   return $data;
}

$nameErr="";
$passErr="";
$identErr="";

if($_SERVER["REQUEST_METHOD"]=="POST")
{
	$user_name = $_POST["user_name"];
	$user_pass = $_POST["user_pass"];
	$user_ident= $_POST["user_ident"];
		

//echo "user_ident"."=".$user_ident;

	//过滤字符
	$user_name=filterInput($user_name);
	$user_pass=filterInput($user_pass);
	$user_ident=filterInput($user_ident);
	
	if (empty($user_name))
	{
		$nameErr="用户名为空";
	}
	if (empty($user_pass))
	{
		$passErr="密码为空";
	}
	if (empty($user_ident))
	{
		$identErr="身份为空";
	}

	if ($nameErr=='' and $passErr=='' and $identErr='')
	{
		//连接数据库
	//	$conn=mysqli_connect("localhost","root","root","stu") or die("数据库连接失败");
		include "conn.php";
		$sql="select * from user where user_name='$user_name'";
		
		$result=mysqli_query($conn,$sql) ;
		if(mysqli_num_rows($result)>0)
		{	
			echo "<script language='javascript' type='text/javascript'>";
			echo "alert('用户已经注册，请设置其他用户名');";
			echo "</script>";
			
		}
		else
		{
			$pass_hash=password_hash($user_pass,PASSWORD_DEFAULT);
			$sql="insert into user(user_name,user_pass,power) values('$user_name','$pass_hash','$user_ident')";
			
			$result=mysqli_query($conn,$sql) or die("插入失败，请检查SQL语法");
			
			echo "<script language='javascript' type='text/javascript'>";
			echo "alert('用户注册成功');";
			
			echo "</script>";
			
		}
		
	}
	

}
?>




<div class="index_01" > 
<table style="width: 100%;height:100%;" >
  <tr>
    <td align="center" >
     <form name="reg"  method="post"  action="<?php htmlspecialchars($_SERVER["PHP_SELF"]);?>"><!--htmlspecialchars，避免带入攻击性脚本-->
      <table  align="center" width=350 height=230; style="font-family:宋体;font-size:25px;">
      <tr align="center"> 
          <td colspan="2" style="font-size:35px;">注册用户</td>
      </tr>
      <tr>
          <td align="center">用户名</td>
          <td>
          <input type="name" name="user_name" maxlength="20" placeholder="请输入用户名" style="width:180px;font-size:20px;border-radius: 8px; ">
          <span>*<?php echo $nameErr; ?></span></td>
      </tr>
      
      
      <tr>
          <td align="center">密   码</td>
          <td >
          <input type="password" name="user_pass" maxlength="16" placeholder="请输入密码" style="width:180px;font-size:20px;border-radius: 8px; ">
        <span>*<?php echo $passErr; ?></span></td>
      </tr>
      
       <tr>  
           <td align="center" style="font-size:25px;">身     份</td>  
           <td>
            用  户<input type="radio" name="user_ident" value="用户"/>
            管理员<input type="radio" name="user_ident" value="管理员"/>
          <span>*<?php echo $identErr; ?></span></td>
       </tr>
      <tr>
        <td colspan="2" align="center">
        <input type="submit" name="zu" value="提交" style="font-size:17px;border-radius:12px;" class="btn"/>
        <input type="reset" name="zu" value="重置" style="font-size:17px;border-radius: 12px;" class="btn"> 
        <input type="button" name='zu' value='返回' onClick="location.href='index.html'" style="font-size:17px;border-radius: 12px;" class="btn"/>
        </td>
      </tr>
   </table>
   </form>
    </td>
  </tr>
</table>
</div>
</body>
<html>
